Re: rndc refresh fails for signed zones

2013-12-12 Thread Thomas Schulz
Sorry for the bad advice. Am I correct in thinking that in the case of a hidden master and a chain of slaves, that the first publicly accessible slave would do the signing and that in any case only one instance of bind should do the signing? Tom Schulz Applied Dynamics Intl. sch...@adi.com

Re: rndc refresh fails for signed zones

2013-12-12 Thread Chris Thompson
On Dec 12 2013, Thomas Schulz wrote: Sorry for the bad advice. Am I correct in thinking that in the case of a hidden master and a chain of slaves, that the first publicly accessible slave would do the signing and that in any case only one instance of bind should do the signing? It would be

Re: rndc refresh fails for signed zones

2013-12-12 Thread Tony Finch
Thomas Schulz sch...@adi.com wrote: Am I correct in thinking that in the case of a hidden master and a chain of slaves, that the first publicly accessible slave would do the signing and that in any case only one instance of bind should do the signing? It is better if the hidden master does the

Re: rndc refresh fails for signed zones

2013-12-11 Thread Klaus Darilion
Same problem with: # named -V BIND 9.9.4-P1 On 11.12.2013 13:39, Klaus Darilion wrote: Hi! # named -V BIND 9.9.3-rl.13204.02-P2 I have configured slave zones with inline signing: zone mydomain.at { type slave; file /etc/bind/mydomain.at; masters { 1.2.3.4; };

Re: rndc refresh fails for signed zones

2013-12-11 Thread Thomas Schulz
Hi! # named -V BIND 9.9.3-rl.13204.02-P2 I have configured slave zones with inline signing: zone mydomain.at { type slave; file /etc/bind/mydomain.at; masters { 1.2.3.4; }; key-directory /etc/bind/keys; auto-dnssec maintain;

Re: rndc refresh fails for signed zones

2013-12-11 Thread Evan Hunt
For normal slave zones (unsigned) it works fine. Is this a known bug? Where can I open a bug report? Any workarounds? Bug reports can go to bind9-b...@isc.org. I believe that only the master can sign the zone. Also, also-notify does not make much sense for a slave. With inline-signing,

Re: rndc refresh fails for signed zones

2013-12-11 Thread Barry Margolin
In article mailman.1811.1386774816.20661.bind-us...@lists.isc.org, sch...@adi.com (Thomas Schulz) wrote: Also, also-notify does not make much sense for a slave. A permissible configuration is one where A transfers from B, and B transfers from C. It then makes sense for C to notify B, and B to

Re: rndc refresh fails for signed zones

2013-12-11 Thread Mark Andrews
In message 52a85d1b.2010...@pernau.at, Klaus Darilion writes: Hi! # named -V BIND 9.9.3-rl.13204.02-P2 I have configured slave zones with inline signing: zone mydomain.at { type slave; file /etc/bind/mydomain.at; masters { 1.2.3.4; };